Worker DTLS files best practices?

xplatsolutions · May 31, 2020, 7:04pm

Any best practices in generating DTLS certificate and the private key files for worker?

const worker = await mediasoup.createWorker(
  {
    logLevel            : "warn",
    dtlsCertificateFile : "/home/foo/dtls-cert.pem",
    dtlsPrivateKeyFile  : "/home/foo/dtls-key.pem"
  });

Not the greatest with this context, I’d appreciate even specific to mediasoup server guidelines.

ibc · May 31, 2020, 7:39pm

I see no reason to provide DTLS certificate over letting mediasoup generate a random one.

xplatsolutions · May 31, 2020, 7:41pm

Nice! I removed the parameters and server started.
What about production? I assume I set to the certificate generated for the server.

EDIT: I might be confusing the DTLS certificate with the web server certificate and the above statement might be irrelevant.

nazar-pc · June 1, 2020, 2:16am

You may want to use that to make mutual peer authentication, but you need to have control over certificates on both ends and there is no such API in the browser. Browsers and most other software (with some obscure exceptions) generate those automatically.
So unless you really know that you need it, just don’t bother and let server generate it for you automatically.

xplatsolutions · June 1, 2020, 3:02am

I’ll go with it, totally fine and thanks for the explanation

Topic		Replies	Views
Is there a way to run the server without SSL certificates ? mediasoup-demo	1	298	December 21, 2022
Any idea on how to create or obtain certificate files mediasoup-demo	3	2501	December 2, 2019
server x DTLS handshake failed (mediasoup-client-aiortc) mediasoup libraries	1	670	January 28, 2021
Mediasoup crashes when creating a worker - Docker mediasoup libraries	3	409	September 29, 2021
Start mediasoup demo-v3 (docker) mediasoup-demo	1	84	February 10, 2024

Worker DTLS files best practices?

Related Topics